Param build: make structures opaque.
[openssl.git] / crypto / param_build.c
1 /*
2  * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3  * Copyright (c) 2019, Oracle and/or its affiliates.  All rights reserved.
4  *
5  * Licensed under the Apache License 2.0 (the "License").  You may not use
6  * this file except in compliance with the License.  You can obtain a copy
7  * in the file LICENSE in the source distribution or at
8  * https://www.openssl.org/source/license.html
9  */
10
11 #include <string.h>
12 #include <openssl/err.h>
13 #include <openssl/cryptoerr.h>
14 #include <openssl/params.h>
15 #include <openssl/types.h>
16 #include "internal/cryptlib.h"
17 #include "openssl/param_build.h"
18
19 /*
20  * The number of OSSL_PARAM elements a builder will allow.
21  */
22 #define OSSL_PARAM_BLD_MAX          25
23
24 /*
25  * Special internal param type to indicate the end of an allocate OSSL_PARAM
26  * array.
27  */
28 #define OSSL_PARAM_ALLOCATED_END    127
29
30 typedef struct {
31     const char *key;
32     int type;
33     int secure;
34     size_t size;
35     size_t alloc_blocks;
36     const BIGNUM *bn;
37     const void *string;
38     union {
39         /*
40          * These fields are never directly addressed, but their sizes are
41          * imporant so that all native types can be copied here without overrun.
42          */
43         ossl_intmax_t i;
44         ossl_uintmax_t u;
45         double d;
46     } num;
47 } OSSL_PARAM_BLD_DEF;
48
49 struct ossl_param_bld_st {
50     size_t curr;
51     size_t total_blocks;
52     size_t secure_blocks;
53     OSSL_PARAM_BLD_DEF params[OSSL_PARAM_BLD_MAX];
54 };
55
56 typedef union {
57     OSSL_UNION_ALIGN;
58 } OSSL_PARAM_BLD_BLOCK;
59
60 #define ALIGN_SIZE  sizeof(OSSL_PARAM_BLD_BLOCK)
61
62 static size_t bytes_to_blocks(size_t bytes)
63 {
64     return (bytes + ALIGN_SIZE - 1) / ALIGN_SIZE;
65 }
66
67 static OSSL_PARAM_BLD_DEF *param_push(OSSL_PARAM_BLD *bld, const char *key,
68                                       int size, size_t alloc, int type,
69                                       int secure)
70 {
71     OSSL_PARAM_BLD_DEF *pd;
72
73     if (bld->curr >= OSSL_PARAM_BLD_MAX) {
74         CRYPTOerr(CRYPTO_F_PARAM_PUSH, CRYPTO_R_TOO_MANY_RECORDS);
75         return NULL;
76     }
77     pd = bld->params + bld->curr++;
78     memset(pd, 0, sizeof(*pd));
79     pd->key = key;
80     pd->type = type;
81     pd->size = size;
82     pd->alloc_blocks = bytes_to_blocks(size);
83     if ((pd->secure = secure) != 0)
84         bld->secure_blocks += pd->alloc_blocks;
85     else
86         bld->total_blocks += pd->alloc_blocks;
87     return pd;
88 }
89
90 static int param_push_num(OSSL_PARAM_BLD *bld, const char *key,
91                           void *num, size_t size, int type)
92 {
93     OSSL_PARAM_BLD_DEF *pd = param_push(bld, key, size, size, type, 0);
94
95     if (pd == NULL)
96         return 0;
97     if (size > sizeof(pd->num)) {
98         CRYPTOerr(CRYPTO_F_PARAM_PUSH_NUM, CRYPTO_R_TOO_MANY_BYTES);
99         return 0;
100     }
101     memcpy(&pd->num, num, size);
102     return 1;
103 }
104
105 OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void)
106 {
107     return OPENSSL_zalloc(sizeof(OSSL_PARAM_BLD));
108 }
109
110 void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld)
111 {
112     OPENSSL_free(bld);
113 }
114
115 int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int num)
116 {
117     return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
118 }
119
120 int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
121                              unsigned int num)
122 {
123     return param_push_num(bld, key, &num, sizeof(num),
124                           OSSL_PARAM_UNSIGNED_INTEGER);
125 }
126
127 int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD *bld, const char *key,
128                              long int num)
129 {
130     return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
131 }
132
133 int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
134                               unsigned long int num)
135 {
136     return param_push_num(bld, key, &num, sizeof(num),
137                           OSSL_PARAM_UNSIGNED_INTEGER);
138 }
139
140 int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD *bld, const char *key,
141                               int32_t num)
142 {
143     return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
144 }
145
146 int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
147                                uint32_t num)
148 {
149     return param_push_num(bld, key, &num, sizeof(num),
150                           OSSL_PARAM_UNSIGNED_INTEGER);
151 }
152
153 int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD *bld, const char *key,
154                               int64_t num)
155 {
156     return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_INTEGER);
157 }
158
159 int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
160                                uint64_t num)
161 {
162     return param_push_num(bld, key, &num, sizeof(num),
163                           OSSL_PARAM_UNSIGNED_INTEGER);
164 }
165
166 int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
167                                size_t num)
168 {
169     return param_push_num(bld, key, &num, sizeof(num),
170                           OSSL_PARAM_UNSIGNED_INTEGER);
171 }
172
173 int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD *bld, const char *key,
174                                double num)
175 {
176     return param_push_num(bld, key, &num, sizeof(num), OSSL_PARAM_REAL);
177 }
178
179 int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key,
180                            const BIGNUM *bn)
181 {
182     return OSSL_PARAM_BLD_push_BN_pad(bld, key, bn,
183                                       bn == NULL ? 0 : BN_num_bytes(bn));
184 }
185
186 int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key,
187                                const BIGNUM *bn, size_t sz)
188 {
189     int n, secure = 0;
190     OSSL_PARAM_BLD_DEF *pd;
191
192     if (bn != NULL) {
193         n = BN_num_bytes(bn);
194         if (n < 0) {
195             CRYPTOerr(0, CRYPTO_R_ZERO_LENGTH_NUMBER);
196             return 0;
197         }
198         if (sz < (size_t)n) {
199             CRYPTOerr(0, CRYPTO_R_TOO_SMALL_BUFFER);
200             return 0;
201         }
202         if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE)
203             secure = 1;
204     }
205     pd = param_push(bld, key, sz, sz, OSSL_PARAM_UNSIGNED_INTEGER, secure);
206     if (pd == NULL)
207         return 0;
208     pd->bn = bn;
209     return 1;
210 }
211
212 int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
213                                     const char *buf, size_t bsize)
214 {
215     OSSL_PARAM_BLD_DEF *pd;
216
217     if (bsize == 0) {
218         bsize = strlen(buf) + 1;
219     } else if (bsize > INT_MAX) {
220         CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_STRING,
221                   CRYPTO_R_STRING_TOO_LONG);
222         return 0;
223     }
224     pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_UTF8_STRING, 0);
225     if (pd == NULL)
226         return 0;
227     pd->string = buf;
228     return 1;
229 }
230
231 int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
232                                  char *buf, size_t bsize)
233 {
234     OSSL_PARAM_BLD_DEF *pd;
235
236     if (bsize == 0) {
237         bsize = strlen(buf) + 1;
238     } else if (bsize > INT_MAX) {
239         CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_PTR,
240                   CRYPTO_R_STRING_TOO_LONG);
241         return 0;
242     }
243     pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_UTF8_PTR, 0);
244     if (pd == NULL)
245         return 0;
246     pd->string = buf;
247     return 1;
248 }
249
250 int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
251                                      const void *buf, size_t bsize)
252 {
253     OSSL_PARAM_BLD_DEF *pd;
254
255     if (bsize > INT_MAX) {
256         CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_STRING,
257                   CRYPTO_R_STRING_TOO_LONG);
258         return 0;
259     }
260     pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, 0);
261     if (pd == NULL)
262         return 0;
263     pd->string = buf;
264     return 1;
265 }
266
267 int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
268                                   void *buf, size_t bsize)
269 {
270     OSSL_PARAM_BLD_DEF *pd;
271
272     if (bsize > INT_MAX) {
273         CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_PTR,
274                   CRYPTO_R_STRING_TOO_LONG);
275         return 0;
276     }
277     pd = param_push(bld, key, bsize, sizeof(buf), OSSL_PARAM_OCTET_PTR, 0);
278     if (pd == NULL)
279         return 0;
280     pd->string = buf;
281     return 1;
282 }
283
284 static OSSL_PARAM *param_bld_convert(OSSL_PARAM_BLD *bld, OSSL_PARAM *param,
285                                      OSSL_PARAM_BLD_BLOCK *blk,
286                                      OSSL_PARAM_BLD_BLOCK *secure)
287 {
288     size_t i;
289     OSSL_PARAM_BLD_DEF *pd;
290     void *p;
291
292     for (i = 0; i < bld->curr; i++) {
293         pd = bld->params + i;
294         param[i].key = pd->key;
295         param[i].data_type = pd->type;
296         param[i].data_size = pd->size;
297         param[i].return_size = 0;
298
299         if (pd->secure) {
300             p = secure;
301             secure += pd->alloc_blocks;
302         } else {
303             p = blk;
304             blk += pd->alloc_blocks;
305         }
306         param[i].data = p;
307         if (pd->bn != NULL) {
308             /* BIGNUM */
309             BN_bn2nativepad(pd->bn, (unsigned char *)p, pd->size);
310         } else if (pd->type == OSSL_PARAM_OCTET_PTR
311                    || pd->type == OSSL_PARAM_UTF8_PTR) {
312             /* PTR */
313             *(const void **)p = pd->string;
314         } else if (pd->type == OSSL_PARAM_OCTET_STRING
315                    || pd->type == OSSL_PARAM_UTF8_STRING) {
316             if (pd->string != NULL)
317                 memcpy(p, pd->string, pd->size);
318             else
319                 memset(p, 0, pd->size);
320         } else {
321             /* Number, but could also be a NULL BIGNUM */
322             if (pd->size > sizeof(pd->num))
323                 memset(p, 0, pd->size);
324             else if (pd->size > 0)
325                 memcpy(p, &pd->num, pd->size);
326         }
327     }
328     param[i] = OSSL_PARAM_construct_end();
329     return param + i;
330 }
331
332 OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld)
333 {
334     OSSL_PARAM_BLD_BLOCK *blk, *s = NULL;
335     OSSL_PARAM *params, *last;
336     const size_t p_blks = bytes_to_blocks((1 + bld->curr) * sizeof(*params));
337     const size_t total = ALIGN_SIZE * (p_blks + bld->total_blocks);
338     const size_t ss = ALIGN_SIZE * bld->secure_blocks;
339
340     if (ss > 0) {
341         s = OPENSSL_secure_malloc(ss);
342         if (s == NULL) {
343             CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM,
344                       CRYPTO_R_SECURE_MALLOC_FAILURE);
345             OPENSSL_free(bld);
346             return NULL;
347         }
348     }
349     params = OPENSSL_malloc(total);
350     if (params == NULL) {
351         CRYPTOerr(CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM, ERR_R_MALLOC_FAILURE);
352         OPENSSL_free(bld);
353         OPENSSL_secure_free(s);
354         return NULL;
355     }
356     blk = p_blks + (OSSL_PARAM_BLD_BLOCK *)(params);
357     last = param_bld_convert(bld, params, blk, s);
358     last->data_size = ss;
359     last->data = s;
360     last->data_type = OSSL_PARAM_ALLOCATED_END;
361
362     /* Reset for reuse */
363     memset(bld, 0, sizeof(*bld));
364     return params;
365 }
366
367 void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params)
368 {
369     if (params != NULL) {
370         OSSL_PARAM *p;
371
372         for (p = params; p->key != NULL; p++)
373             ;
374         if (p->data_type == OSSL_PARAM_ALLOCATED_END)
375             OPENSSL_secure_clear_free(p->data, p->data_size);
376         OPENSSL_free(params);
377     }
378 }